Awesome job. I maintain 20+ sites with typically a dozen to three dozen users at each site, all connected to each other via VPN, and have begun the transition from IPCop to pfSense.

Someone mentioned slow or nonexistent development cycles – IPCop has been promising a new release for a few YEARS. I had waited patiently, occasionally checking other distros for the stability, compatibility, and features I enjoyed in IPCop. An acquaintance who works for a state education agency showed me his personal pfSense box last year, I downloaded a copy, loaded it into a new hard drive on my test system – a Dell Dimension 2400 with a Celeron 2.4GHz and 2GB of RAM – and haven’t looked back.

The IPSec implementation in pfSense is compatible with IPCop, and I have found a 1:1 relationship regarding the features I implement at my sites, so the end users haven’t noticed the transition – I can replace units one site at a time and maintain compatibility with the other sites.

I have been running 1.2 for the last 527 days with an average load of 40mbps, I have several production systems for several known companies (healthcare, communications, etc) with several VPN connections and other services. I have not have any problem so far.

]]>By: aznetplushttps://blog.pfsense.org/?p=576&cpage=3#comment-9827
Thu, 17 Feb 2011 22:47:11 +0000http://blog.pfsense.org/?p=576#comment-9827We love pfsense, our own pfsense firewall has been running for 701 days. I did take a screen shot of it, it would have been longer, but about 23 months ago, I was working in the server rack and rebooted the wrong firewall. We have a little over 30 servers serving mail, sharepoint, sql and rdp services.

We are very excited about the 2.0 version, our testing has been looking very good. Please take your time and produce a great product like all your other releases have been. Everyone Raise your glass and solute to the pfsense team.

Thank you!!!

]]>By: joeinternetshttps://blog.pfsense.org/?p=576&cpage=3#comment-9819
Thu, 17 Feb 2011 05:37:20 +0000http://blog.pfsense.org/?p=576#comment-9819Tom you are missing the point. Too much business school? the best tools are FREE.

The day i can print out a wrench, I will have no need of canadian tire any longer. Go dev team go! I am eagerly awaiting you to drop the phat new firmwares YO

And i leave you with, the parable of the magic hammer:

Seriously though, I’m sure that a lot of people think the way this guy thinks. It’s an easy mistake to make, especially if you look at software as being analogous to physical property. The analogy breaks down pretty quickly if you look at it. I like to use the example of the “magic hammer”.

If I attach a rock to the end of a stick to make a real-life hammer, and I give it to you, now I don’t have a hammer anymore. With software, I can sell the hammer to you, and I still somehow have an identical hammer (that’s how Microsoft makes the big bucks). With open source software, I give you the hammer with instructions on how to make it. I haven’t really lost anything by giving you the hammer – I still have my copy, and copying it took about 3 seconds. You are encouraged to share the hammer with your friends (and you don’t loose anything by doing so either). You can also make improvements to the hammer. Only an enterprising few will do this, but the effect is cumulative. When someone forges a brass head for the hammer, poof! Everyone’s hammers are now better. Steel head? Poof! Claw on the back for pulling nails? Poof! It doesn’t take long before everybody has a really good hammer.

That is awesome, 380 is still amazing. That statement with my statement indicates that pfsense is without a doubt is in no shape or form put together by anyone lazy. It is very obvious a lot has gone into this project. Just the fact that you can use such legacy hardware to run something as long as 380 days or 428 days says it all. I know that my system would have run longer than 428, but I did something stupid and forced the system to reboot.

The system I use is not nearly as legacy as your system. It is on a DELL Poweredge 1950 with all the trimmings 4GB RAM, redundant power supply, dual quad core processors. The big thing I was trying to point out on my last post was I have a production system that has around 300 users behind it with the system running SNORT and Country block, a couple dozen IPSec VPN’s tunnels site-to-site and around 60 mobile clients that are connected at all time’s of the day. 428 days of uptime on a system load like this is very impressive from my point of view. Our facility runs 24/7 365 and never stops for holidays. This means I need reliability.

I run pfsense at my home as well and it sits on some older hardware like yours. I believe the system I have at home is an old PIII 866 Coppermine I put together a long time ago. The system does just fine and has since the 1.0 beta days of pfsense. I will more and likely wait for the final release of the 2.0 platform before I upgrade from 1.2.3 RELEASE.

Thanks for your input.

]]>By: Alanhttps://blog.pfsense.org/?p=576&cpage=3#comment-9781
Mon, 14 Feb 2011 02:53:00 +0000http://blog.pfsense.org/?p=576#comment-9781Another testament to pfSense, I just got done with an install for a friend, Intel Atom D510, 1GB RAM, Dual Gig NICs and a 4GB CF in a SATA II adapter. I tried to destroy it on my local network (on the WAN side of the pfSense) with DOS and every other test I could run from Backtrack, pfSense didn’t even budge, just kept pumping right along, the CPU peaked at 50% for about 2 seconds. That’s with 1.2.3. Can’t wait to try 2.0!
]]>By: Chris Buechlerhttps://blog.pfsense.org/?p=576&cpage=3#comment-9780
Mon, 14 Feb 2011 02:29:52 +0000http://blog.pfsense.org/?p=576#comment-9780maccam94: exactly. Lots of lessons learned in the process here.

Tom: that’s one thing we won’t do is make people pay for what’s freely available now, or restrict it in some fashion unless you pay. We’re looking at options for increasing revenues, without doing anything like that. We’ve done very well to date, but more resources is always better.